<?

class User {

    private static $salt = "saltpass";

    public function __construct() {
        $db = $GLOBALS['MAIN']->DB;
        if (isset($_COOKIE['FROSTSTORE']) && $_COOKIE['FROSTSTORE'] != "") {
            $array = unserialize(base64_decode(substr($_COOKIE['FROSTSTORE'], 1)));
            $this->Update($array[0], array('is_authorized' => '1'));
        }
        if (!isset($_SESSION['UID']) || !$this->IsAuthorized()) {
            $_SESSION['UID'] = 0;
        } else {
            $this->data = $this->GetData();
        }
    }

    function IsAuthorized($id = false) {
        if (!$id) {
            $id = $_SESSION['UID'];
        }
        $db = $GLOBALS['MAIN']->DB;
        $userObj = $db->select()->table('users__users')
                ->field('id')
                ->cond('id', $id)
                ->cond('is_authorized', 1)
                ->cond('last_session_id', session_id())
                ->execute();
        $user = $userObj->Fetch();
        return $user == true;
    }

    function GetData($id = false) {
        if (!$id) {
            $id = $_SESSION['UID'];
        }
        $db = $GLOBALS['MAIN']->DB;
        $userObj = $db->select()->table('users__users')
                ->field()
                ->cond('id', $id)
                ->execute();
        $user = $userObj->Fetch();
        $user['fields'] = $this->GetFields($id);
        return $user;
    }

    function GetFields($uid) {
        $db = $GLOBALS['MAIN']->DB;
        $result = $db->select()->table('users__fields')->field()->execute();
        $fields = array();
        while ($field = $result->Fetch()) {
            $valueObj = $db->select()->table('users__fields_value')->field('value')
                    ->cond('uid', $uid)
                    ->cond('field_id', $field['id'])
                    ->execute();
            while ($value = $valueObj->Fetch()) {
                $field['values'][] = $value['value'];
            }
            $fields[$field['code']] = $field;
        }
        return $fields;
    }

    function GetDataByLogin($login) {
        $db = $GLOBALS['MAIN']->DB;
        $userObj = $db->select()->table('users__users')
                ->field('id')
                ->cond('login', $login)
                ->execute();
        $user = $userObj->Fetch();
        $id = $user['id'];
        return $this->GetData($id);
    }

    function Login($login, $pass) {
        $data = $this->GetDataByLogin($login);
        $db = $GLOBALS['MAIN']->DB;
        $pass = md5(self::$salt . $pass . self::$salt);
        $ok = false;

        if ($data['login'] === $login && $data['pass_hash'] === $pass && $data['status'] !== 'B') {
            $result = $db->update()->table('users__users')
                    ->set('is_authorized', '1')
                    ->set('last_session_id', session_id())
                    ->cond('id', $data['id'])
                    ->execute();
            $ok = true;
        }
        $_SESSION['UID'] = $data['id'];
        return $ok;
    }

    function Logout($id = false) {
        $db = $GLOBALS['MAIN']->DB;
        $ok = false;
        if (!$id) {
            $id = $_SESSION['UID'];
        }
        if ($id != 0) {
            $result = $db->update()->table('users__users')
                    ->set('is_authorized', 'NULL')->noquotes()
                    ->set('last_enter_date', date('Y-m-d H:i:s'))
                    ->cond('id', $id)
                    ->execute();
            $ok = $result == true;
        }
        $_SESSION['UID'] = 0;
        setcookie('FROSTSTORE');
        return $ok;
    }

    function Update($id = false, $fields) {
        $db = $GLOBALS['MAIN']->DB;
        $ok = false;
        if (!$id) {
            $id = $_SESSION['UID'];
        }
        $ok = false;
        $db->update()->table('users__users');
        foreach ($fields as $field => $value) {
            if ($field == "pass") {
                $field = 'pass_hash';
                $value = md5(self::$salt . $value . self::$salt);
            }
            $db->set($field, $value);
        }
        $db->cond('id', $id);
        $ok = $db->execute() == true;
        return $ok;
    }

    function IsAdmin() {
        return ($this->IsAuthorized() && $this->data['user_group_id'] == 1);
    }

}
